Computer programs are traditionally developed by the writing of source code for components of the program that include a main module and various other modules functions, or subroutines that are invoked by the main module. The source code of components of computer programs are typically developed specifically for the domain of one computer program. As a result, one computer program might not be able to use components developed specifically for another computer program. Although some utility components (e.g., sort routines) can be reused by different computer programs, they are typically very low-level components that are not related to the domain of the computer program. Because of the inability to reuse high-level components for multiple computer programs, the cost of developing a computer program can be quite high. In addition, because the components are new, their reliability is unproved.
Many techniques have been developed to facilitate the reusability and reliability of software components. One well-known technique is object-oriented programming. Object-oriented programming allows a programmer to define a type of component, known as an “object.” Each type of object has a defined interface with a defined behavior. A programmer can develop a computer program to use the interfaces of objects that have been developed by other programmers to provide that behavior within the computer program. The behavior of an object is provided by methods (or member functions), and the data of an object is provided as attributes (or data members). Some object-oriented programming languages allow attributes to be set and retrieved directly (e.g., “object.attribute1=15”), while other object-oriented programming languages only allow attributes to be set and retrieved indirectly through methods (e.g., “object.setAttribute1(15)”). The methods for setting attributes are referred to as “set methods” and for retrieving attributes are referred to as “get methods.”
Although object-oriented programming techniques have helped increase the reusability and reliability software components, it is still very expensive to develop a computer program even using these reusable components. Part of the expense is attributable to the need of a computer programmer to know and understand all the interfaces of the components in order to integrate the components into the desired computer program. It would be desirable to have a programming technique that would increase reusability and reliability of the software components while reducing the overall expense of developing computer programs.
One specific situation where problems arise is in security enforcement. Security is important in a wide variety of types of programs, such as access to items in a database—the program designer may want to assign different security access to different users of and different items in the database. One solution to providing security enforcement is to implement a fixed security scheme in which fixed rules are added to the program to limit access as desired. However, such fixed rules can be difficult to change and do not easily port over to other programs. Another solution is to implement the security enforcement in the underlying component being accessed (e.g., a database). However, this solution suffers from the same problem of being difficult to change and not easily ported over to other programs.
Thus, a need remains for a security enforcement technique that allows for easier changing of the security to accommodate different environments (e.g., databases storing different types of information or items) as well as to be able to easily apply the security enforcement to different programs with reduced overall expense.